IS/DPP for staff #3b - Data Classification
-
Upload
tommy-vandepitte -
Category
Education
-
view
9 -
download
0
Transcript of IS/DPP for staff #3b - Data Classification
![Page 1: IS/DPP for staff #3b - Data Classification](https://reader034.fdocuments.in/reader034/viewer/2022052514/58f051f11a28ab7e738b46bb/html5/thumbnails/1.jpg)
- Internal -
IS/DPP Baseline Training
E-learning – Part 3 – Data & Classification
![Page 2: IS/DPP for staff #3b - Data Classification](https://reader034.fdocuments.in/reader034/viewer/2022052514/58f051f11a28ab7e738b46bb/html5/thumbnails/2.jpg)
2- Internal - Page
Confidentiality
![Page 3: IS/DPP for staff #3b - Data Classification](https://reader034.fdocuments.in/reader034/viewer/2022052514/58f051f11a28ab7e738b46bb/html5/thumbnails/3.jpg)
3- Internal - Page
Confidentiality
![Page 4: IS/DPP for staff #3b - Data Classification](https://reader034.fdocuments.in/reader034/viewer/2022052514/58f051f11a28ab7e738b46bb/html5/thumbnails/4.jpg)
4- Internal - Page
Confidentiality
Website content, approved media releases, marketing materials, … Public
Inte
nded
for
publ
ic di
strib
utio
n
Website content, approved media releases, marketing materials, …
![Page 5: IS/DPP for staff #3b - Data Classification](https://reader034.fdocuments.in/reader034/viewer/2022052514/58f051f11a28ab7e738b46bb/html5/thumbnails/5.jpg)
5- Internal - Page
Confidentiality
Public
Inte
nded
for
publ
ic di
strib
utio
n
Acce
ss b
ased
on
“nee
d-to
-kno
w”
“CONFI
DENTI
AL”
![Page 6: IS/DPP for staff #3b - Data Classification](https://reader034.fdocuments.in/reader034/viewer/2022052514/58f051f11a28ab7e738b46bb/html5/thumbnails/6.jpg)
6- Internal - Page
Confidentiality
Internal
Public
Inte
nded
for
publ
ic di
strib
utio
n
Acce
ss b
ased
on
“nee
d-to
-kno
w”
“CONFI
DENTI
AL”
Departmental memos, information on bulletin boards, training materials, policies, procedures, instructions, phone/email directories,…
![Page 7: IS/DPP for staff #3b - Data Classification](https://reader034.fdocuments.in/reader034/viewer/2022052514/58f051f11a28ab7e738b46bb/html5/thumbnails/7.jpg)
7- Internal - Page
Confidentiality
Website content, approved media releases, marketing materials, …
Restricted
Internal
Public
Inte
nded
for
publ
ic di
strib
utio
n
Acce
ss b
ased
on
“nee
d-to
-kno
w”
“CONFI
DENTI
AL”
Personal data, customer correspondence, staff data, internal audit reports, …
![Page 8: IS/DPP for staff #3b - Data Classification](https://reader034.fdocuments.in/reader034/viewer/2022052514/58f051f11a28ab7e738b46bb/html5/thumbnails/8.jpg)
8- Internal - Page
Confidentiality
Website content, approved media releases, marketing materials, …
Restricted
Internal
Public
Inte
nded
for
publ
ic di
strib
utio
n
Acce
ss b
ased
on
“nee
d-to
-kno
w”
“CONFI
DENTI
AL”
Secret Passwords and other authentication credentials, new products, mergers,…
![Page 9: IS/DPP for staff #3b - Data Classification](https://reader034.fdocuments.in/reader034/viewer/2022052514/58f051f11a28ab7e738b46bb/html5/thumbnails/9.jpg)
9- Internal - Page
![Page 10: IS/DPP for staff #3b - Data Classification](https://reader034.fdocuments.in/reader034/viewer/2022052514/58f051f11a28ab7e738b46bb/html5/thumbnails/10.jpg)
10- Internal - Page
ConfidentialityIntegrity
![Page 11: IS/DPP for staff #3b - Data Classification](https://reader034.fdocuments.in/reader034/viewer/2022052514/58f051f11a28ab7e738b46bb/html5/thumbnails/11.jpg)
11- Internal - Page
ConfidentialityIntegrityAvailability
![Page 12: IS/DPP for staff #3b - Data Classification](https://reader034.fdocuments.in/reader034/viewer/2022052514/58f051f11a28ab7e738b46bb/html5/thumbnails/12.jpg)
12- Internal - Page
ConfidentialityAvailabilityPrivacyIntegrity
![Page 13: IS/DPP for staff #3b - Data Classification](https://reader034.fdocuments.in/reader034/viewer/2022052514/58f051f11a28ab7e738b46bb/html5/thumbnails/13.jpg)
13- Internal - Page
Control
Data Subject
Processing personal data
Data Controller
Finality Legitimacy
Transparency Organisation
Proportional
end-to-end
Data Protection Act / GDPR
Expectations
![Page 14: IS/DPP for staff #3b - Data Classification](https://reader034.fdocuments.in/reader034/viewer/2022052514/58f051f11a28ab7e738b46bb/html5/thumbnails/14.jpg)
14- Internal - Page
Data Subject
Processing personal data
Data Controller
Data Protection Act / GDPR
1. What would your reaction be if we did it to your personal data?
Expectations
![Page 15: IS/DPP for staff #3b - Data Classification](https://reader034.fdocuments.in/reader034/viewer/2022052514/58f051f11a28ab7e738b46bb/html5/thumbnails/15.jpg)
15- Internal - Page
Data Subject
Processing personal data
Data Controller
Data Protection Act / GDPR
1. What would your reaction be if we did it to your personal data?2. What would the reaction be of somebody who likes his privacy,if we did it to his/her personal data?
Expectations
![Page 16: IS/DPP for staff #3b - Data Classification](https://reader034.fdocuments.in/reader034/viewer/2022052514/58f051f11a28ab7e738b46bb/html5/thumbnails/16.jpg)
16- Internal - Page
Data Subject
Processing personal data
Data Controller
Data Protection Act / GDPR
1. What would your reaction be if we did it to your personal data?2. What would the reaction be of somebody who likes his privacy,if we did it to his/her personal data?
3. What would the reaction of the public be if what we do to personal data is in detail explained on the front page of tomorrow’s newspaper?
Expectations
![Page 17: IS/DPP for staff #3b - Data Classification](https://reader034.fdocuments.in/reader034/viewer/2022052514/58f051f11a28ab7e738b46bb/html5/thumbnails/17.jpg)
17- Internal - Page
Data Subject
Processing personal data
Data Controller
Data Protection Act / GDPR
1. What would your reaction be if we did it to your personal data?2. What would the reaction be of somebody who likes his privacy,if we did it to his/her personal data?
3. What would the reaction of the public be if what we do to personal data is in detail explained on the front page of tomorrow’s newspaper?
Expectations
![Page 18: IS/DPP for staff #3b - Data Classification](https://reader034.fdocuments.in/reader034/viewer/2022052514/58f051f11a28ab7e738b46bb/html5/thumbnails/18.jpg)
18- Internal - Page
Full Set of Data Classifications: PATRIC
Category Classifications
Privacy
Use the (personal) data in line with the original purpose (original) purpose
Availability
Ensure that information is available to authorized persons Non-Essential, Essential, Critical and Highly Critical
Traceability
Modifications can be traced back Non-Traceable, Sensitive and Critical
Retention
Retained & disposed in line with law & business objectives No Retention, Short-Term, Mid-Term and Long-Term
Integrity
Prevent accidental, unauthorized and deliberate alteration or deletion Accurate, Vital and Absolute
Confidentiality
Prevent unauthorized disclosure Public, Internal, Restricted and Secret
Company specific
![Page 19: IS/DPP for staff #3b - Data Classification](https://reader034.fdocuments.in/reader034/viewer/2022052514/58f051f11a28ab7e738b46bb/html5/thumbnails/19.jpg)
19- Internal - Page
Full Set of Data Classifications: PATRIC
Category Classifications
Privacy
Use the (personal) data in line with the original purpose (original) purpose
Availability
Ensure that information is available to authorized persons Non-Essential, Essential, Critical and Highly Critical
Traceability
Modifications can be traced back Non-Traceable, Sensitive and Critical
Retention
Retained & disposed in line with law & business objectives No Retention, Short-Term, Mid-Term and Long-Term
Integrity
Prevent accidental, unauthorized and deliberate alteration or deletion Accurate, Vital and Absolute
Confidentiality
Prevent unauthorized disclosure Public, Internal, Restricted and Secret
Company specific
![Page 20: IS/DPP for staff #3b - Data Classification](https://reader034.fdocuments.in/reader034/viewer/2022052514/58f051f11a28ab7e738b46bb/html5/thumbnails/20.jpg)
20- Internal - Page
Key Takeaways
ABC Group classifies on different levels : personal data and PATRIC.
All information has a classification, even if it is not explicit.
You should classify.
Confidentiality distinguishes different circles: public, internal, restricted and secret, wherein personal data is always at least “restricted”.
30 sec IS/DPP survival kit
Wra
p U
p